Skip to main content

sed regular expression to extract mes...

sed regular expression to extract message part of the syslog (AIX):

#>sed 's/\(...\) \(..\) \(..\:..\:..\) \(.*\)/\4/' /var/adm/syslog


myhost auth|security:err|error tsm: : 3004-025 - tcgetattr  failed errno "25". 
myhost auth|security:notice su: from dude to root at /dev/pts/109
myhost daemon:err|error root: Msg from Err Log: A924A5FC 0524165910 P S SYSPROC SOFTWARE PROGRAM ABNORMALLY TERMINATED 
myhost daemon:err|error last message repeated 2 times
myhost user:info syslog: libtt[1224956]: _Tt_rpc_client::init(): fcntl(F_SETFD) failed for socket =  20
myhost user:info last message repeated 10 times
myhost user:info syslog: libtt[3125324]: _Tt_rpc_client::init(): fcntl(F_SETFD) failed for socket =  20
myhost user:info last message repeated 10 times
myhost auth|security:info sshd[946242]: Received disconnect from 127.0.0.1: 0: 
myhost auth|security:info sshd[946178]: Accepted password for dude from 127.0.0.1 port 4341 ssh2


will print everything after the date and time of the syslog message which forms the main part of the syslog message.  This is useful for generating reports of syslog (critical/error) etc. 

Popular posts from this blog

Commands to restart RMC connection (t...

Commands to restart RMC connection (to HMC from LPAR) It has become very common with the IBM HMC to LPAR (logical/micro partition) communication to drop for unknown reasons.  Most of the time this is not a problem unless there is a need to do a dynamic logical partition operation (or DLAPR operation to add/remove resources on the fly).  This will become evident during the DLPAR operation when HMC complains about having no RMC connection to LPAR in operation.  When this happens run the following commands on the LPAR in question before reattemping the operation.  The DLPAR operation will still work with out this connection, but the LPAR needs a restart to see the change in the resources.  Restart the RMC connection on the LPAR: # /usr/sbin/rsct/install/bin/recfgct # /usr/sbin/rsct/bin/rmcctrl -p Verify the connection by running: lsrsrc IBM.ManagementServer This will show the HMC IP/hostname and the LPAR information.

Converting SEA on VIO from access to trunk mode

Shared Ethernet Adapters on VIO server can be configured in two different modes while accessing the external network. 1.  Simple mode 2. Trunk mode or 802.1Q mode In a Simple mode, the SEA is not aware of any VLAN information and bridges all the network packets to the external switch.  the external switch then determines the target and routes/discards it accordingly.  This is very useful when there is only one VLAN that needs to be serviced through the SEA to the LPARs using these VIO servers.  The configuration on the switch as well as the VIO (SEA) is simple and straight forward.  In a Trunk mode (802.1Q complaint), the SEA is aware of the VLANs and bridges only the packets that is part of the ‘Additional VLANs’ list.  The external switch then determines the target and routes/discards it accordingly.  This is very useful when there is a need to service multiple VLANs through the same SEA adapter.  This will provide the ability to create LPAR...

Shared Ethernet Adapter failover

Shared Ethernet Adapter (SEA): Shared Ethernet Adapter (SEA) provides the ability to share a physical adapter between multiple client partitions. It provides the connection between the virtual and physical network. The SEA acts like a layer-2 bridge between internal and external network SEA failover: SEA failover can be achieved by having SEA configured on two VIO servers which with the bridging functionality enabled ('Access External network'). They use a control channel to determine who is currently providing the Ethernet service to the client partitions. The client partition gets one virtual Ethernet adapter bridged by two VIO servers. From the client partition it looks like it has one virtual Ethernet adapter bridged by one VIO server - any given point of time. The SEA also support 802.1Q VLAN tagging like a regular SEA. Requirements for implementing SEA failover: VIO servers (on the same physical m...